image credit: Pexels

A flaw in Facebook Messenger could have allowed spying on users

November 20, 2020

Facebook has addressed a major security issue in its Messenger for Android app that could have allowed threat actors to spy on users by placing and connecting Messenger audio calls without their interaction.

The vulnerability was discovered by white-hat hacker Natalie Silvanovich, from Google’s Project Zero team.

The flaw resides in the Session Description Protocol (SDP) of WebRTC protocol, which is implemented in the Messenger app to support audio and video calls.

Read More on Security Affairs